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Abstract — This review is based on the access control 
policy and data sharing mechanisms. We know that Cloud 
computing is the best & proficient manner on handle our 
information remotely. Data Confidentiality is one of the 
chiefproblem now a day’s. Security is also matters while 
data storing & sharing with others. Whenever we are 
using platform like cloud trust factor also considered. A 
lot of unauthorized community tries to access & steal the 
confidential data. In the current time cryptographic 
technologies are used to secure data. Sharing cloud data 
in between group of users at a best level is still a 
complicated issue, especially when dealing with dynamic 
users group .In this paper we present and discuss propose 
system which deals with dynamic user group problem like 
revocation and data privacy & make access control 
policy. 

Keywords — Data Sharing, Attribute based mechanism, 
Access Control policy, Data Confidentiality. 

I. INTRODUCTION 

Cloud computing and information sharing is mainly 
required and quickly developing trends in this current era. 
We can get to and share information from various area 
with the assistance of internet. Additionally it prepared 
gives client adaptable infrastructure, storage space and 
hardware similarity to accomplish better execution. 

Information privacy and execution are vital factor in 
cloud storage environment. Cryptographic methods are 
utilized to secure information from unauthorized access. 
In cloud computing third parties are likewise assuming 
primary job in giving us secure channel to exchanging the 
data from information proprietor to other requested 
different end clients or customers. 

Existing system uses the cipher text policies. In which 
confidentiality of the data are made by using three factors 
data, encryption algorithm & the size of key. As well 
existing concepts third parties are used such as key as 
well as digital certificate providers & verifiers. Still it is 


not a piece of cake to keep fully tmst over these service 
providers & third parties. Not everything except rather 
some of them might have the capacity to attempt to take 
our information and keys. 

Group sharing concept is works like broadcasting 
particular data among the set of peoples. But while 
sharing encrypted or sensitive data need to share its key 
also for decryption purpose. Some time access is given to 
the set of user and one of them might be leave the group 
or change the group that time its access should be revoked 
otherwise it can be able to take unauthorized access from 
outside also. 

hi literature review we discussed on the relevant existing 
topics. 

II. LITERATURE SURVEY 

There are numerous approaches are characterized in 
regards to data sharing & data security in cloud 
computing which are mentioned in our literature. 

A. Secure Fine-Grained Access Control and Data 
Sharing for Dynamic Groups: 

Cloud computing additionally brings numerous security 
issues since cloud service providers (CSPs) are not in the 
same tmsted domain as users. To ensure information 
protection against untrusted CSPs, existing arrangements 
apply cryptographic techniques (e.g., encryption 
mechanismsj.challenging issue, particularly when 
managing dynamic client group. They proposed [l]a 
secure and efficient fine grained access control and data 
sharing scheme for dynamic user groups by (1) defining 
and enforcing access policies based on the attributes of 
the data; (2) permitting key generation center (KGC) to 
efficiently update user credentials for dynamic user 
groups; and (3) allowing some expensive computation 
tasks to be performed by untrusted CSPs without 
requiring any delegation key. They first designed an 
efficient revocable attribute-based encryption (RABE) 
scheme along with the property of ciphertext delegation 
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by exploiting and uniquely combining techniques of 
identity-based encryption (IBE), Attribute-based 
Encryption (ABE), subset-cover framework and 
ciphertext encoding mechanism. 

B. Lightweight Policy Preserving EHR Sharing 
Scheme: 

In CP-ABE, access policy is attached to the ciphertext, 
however, the access policy is not protected, which will 
also cause some privacy leakage. In this paper, authors 
proposed [3] a policy preserving EHRsystemon the basis 
of CP-ABE. Specifically, authors designed an algorithm 
which able to hide the entire access policy as well as 
recover the hidden attributes from the access matrix. The 
subsequent evaluation of element insert, lookup and 
recovery shows that their proposed scheme only 
introduces light-weighted overhead cost. They 
constmcted their scheme by utilizing the Waters CP-ABE 
as a building block. Apparently, their scheme can easily 
extend to other CP-ABE schemes with the structure 
expressed in LSSS form. 

C. Efficient Policy-Hiding Attribute-Based Access 
Control: 

With the rapid development of the Internet of Things 
(IoT) and cloud computing technologies, smart health 
(shealth)is expected to significantly improve the quality 
of healthcare. The fine-grained access control, ciphertext- 
policy attribute-based encryption (CP-ABE) has the 
potential to ensure data security in s-health. To address 
these problems, authors introduced [4]PASH, a privacy- 
aware s-health access control system, in which the key 
ingredient is a large universe CP-ABE with access 
policies partially hidden. In PASH, attribute values of 
access policies are hidden in encrypted SHRs and only 
attribute names are revealed. In fact, attribute values carry 
much more sensitive information than generic attribute 
names. Author’s security analysis indicates that PASH is 
fully secure in the standard model. Performance 
comparisons and experimental results show that PASH is 
more efficient and expressive than previous schemes. 

D. Key-Policy Attribute-Based Encryption With 
Equality Test: 

In this article, public key encryption with equality test is 
concatenated with key-policy ABE (KP-ABE) to 
presented KP-ABE with equality test (KP-ABEwET). 
This proposed [6] scheme not only offer fine-grained 
authorization of cipher-texts but also protects the 
identities of users. In contrast to ABE with keyword 
search, KP-ABEwET can test whether the cipher-texts 
encrypted by different pub he keys contain the same 
information. Moreover, the authorization process of the 
presented scheme is more flexible than that of Ma et al.'s 
scheme. Furthermore, the proposed scheme achieves one¬ 
way against chosen-ciphertext attack based on the bilinear 
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Diffe-Hellman (BDH) assumption. In addition, a new 
computational problem called the twin-decision BDH 
problem (tDBDH) is proposed in this paper. tDBDH is 
proved to be as hard as the decisional BDH problem. 
Finally, for the first time, the security model of 
authorization is provided, and the security of 
authorization based on the tDBDH assumption is proven 
in the random oracle model. 

E. Attribute-Based Data Sharing Scheme Revisited: 

Ciphertext-policy attribute-based encryption (CPABE) is 

a very capable encryption technique for secure data 
sharing. CP-ABE is limited to a potential security risk 
that is known as key escrow problem whereby the secret 
keys of users have to be issued by a trusted key authority. 
Besides, most of the existing CP-ABE schemes cannot 
support attribute with arbitrary state. They proposed [9] 
an improved two-party key issuing protocol that can 
guarantee that neither key authority nor cloud service 
provider can compromise the whole secret key of a user 
individually. Authors proposed an attribute-based data 
sharing scheme for cloud computing applications, which 
is denoted as ciphertext-policy weighted ABE scheme 
with removing escrow (CP-WABE-RE). It successfully 
resolves two types of problems: key escrow and arbitrary - 
sate attribute expression. This proposed systemenhanced 
data confidentiality and privacy in cloud system against 
the managers of KA and CSP as well as malicious system 
outsiders, where KA and CSP are seni-trusted. 

F. Secure and Verifiable Access Control Scheme for 
Big Data Storage: 

Traditional approaches are either completely ignore the 
issue of access policy update or delegate the update to a 
third party authority; but in practice, access policy update 
is important for enhancing security and dealing with the 
dynamism caused by user join and leave activities. In this 
paper, authors proposed [14] a secure and verifiable 
access control scheme based on the NTRU cryptosystem 
for big data storage in clouds. NTRU cryptosystem is a 
type of lattice-based cryptography. The proposed a new 
NTRU decryption algorithm to overcome the decryption 
failures of the original NTRU. It allows the cloud server 
to efficiently update the ciphertext when a new access 
policy is specified by the data owner, who is also able to 
validate the update to counter against cheating behaviours 
of the cloud. It also enables (i) the data owner and eligible 
users to effectively verify the legitimacy of a user for 
accessing the data, and (ii) a user to validate the 
information provided by other users for correct plaintext 
recovery. 

G. An Efficient File Hierarchy Attribute-Based 
Encryption Scheme: 

In this article, an efficient file hierarchy attribute-based 
encryption scheme is proposed [15]. The layered access 
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structures are integrated into a single access structure, and 
then the hierarchical files are encrypted with the 
integrated access structure.Hence, both ciphertext storage 
and time cost of encryption are saved. Additionally, the 
proposed scheme is proved to be secure under the 
standard assumption. Experimental model shows that the 
proposed scheme is highly efficient in terms of encryption 
and decryption. With the number of the files increasing, 
the advantages of this proposed scheme become more and 
more conspicuous. In this study, an efficient encryption 
scheme based on layered model of the access stmcture is 
proposed in cloud computing, which is named file 
hierarchy CP-ABE scheme (or FH-CP-ABE, for short). 
FH-CP-ABE extends typical CPABE with a hierarchical 
stmcture of access policy, so as to achieve simple, 
flexible and fine-grained access control Moreover, the 
proposed scheme is proved to be secure under DBDH 
assumption. 


• Comparison Of ABE Schemes 


Sr. 

NO 

Parameters 

KP-ABE 

CPABE 

HABE 

NLABE 

1 

Drawback 

It cannot 
decide who 
can encrypt 
data. 

Decrypt key only 
support user 
attribute that are 
organized logically. 

Unsuitable 

to 

implement 

Each authority 
attribute set 
should be 
disjoint 

2 

Efficiency 

Average 

Average 

Better 

Scalable 

3 

SecuredAccess 
Control 

Low 

Average 

High 

Average 

4 

Computational 

Overhead 

High 

Average 

More 

More 

5 

Data 

Confidentiality 

no 

yes 

yes 

yes 

6 

Scalability 

no 

yes 

no 

yes 

7 

User Revocation 

no 

no 

yes 

yes 

8 

collusion 

resistant 

yes 

yes 

yes 

yes 


III. PROPOSE WORK 

We go for implementation of cloud based system 
which deals with complexity of access control policy & 
dynamic group data sharing problem. Access control is 
the better one security mechanism in cloud computing. In 
this propose Attribute based access control scheme we 
provides a lightweight approach that allows data owners 
to easily define and undefined the access policies for the 
respective data shareoverthe groups. Propose system will 
also include the re key generation concept for making 
decryption key unique for each end user. Also in propose 
system we will build up the system to deal with the major 
problem of dynamic group sharing i.e User revocation. 
Revocation is becomes mandatory when the particulars 
want leave the assigned or joined group that time its 
access policies should be revoked with its dynamic 
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behavior. 

IV. CONCLUSION 

Cloud computing is most favorable and preferable 
fashion for the users which provides several useful 
services. Yet, some place, there is some security or 
assurance is required against the information put away or 
action done over the cloud. This paper provides a review 
of attribute based encryption mechanisms for cloud 
computing in which a number of security features are 
provided. Also we review the different attribute based 
access control mechanisms used in existing systems. It 
consist four different attribute based encryption schemes 
such as KP-ABE (Key-policy attribute-based encryption), 
CP-ABE (ciphertext-policy attribute-based encryption), 
HABE (Hierarchical Attribute Based Encryption), MA- 
ABE (Multi-Authority Attribute Based Encryption). 
Access Controls are associated with attributes and data . 
These data & attribute are associated with keys and just 
those keys that the related to attributes which satisfy the 
policy associated with the data. Also we discussed about 
problems within the group sharing concept. Revocation 
and reassignment both the things are more important 
while data is sharing inside the group of peoples. 
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